gravitational / planet

Installable Kubernetes delivered in containers
Apache License 2.0

Use certificates for kube-scheduler #867

Closed UnderGreen closed 2 years ago

UnderGreen commented 2 years ago

After switching to using secure ports for controller-manager and scheduler, the /metrics endpoint is not accessible by prometheus. More context on why we need the authentication settings can be found in this article: https://octetz.com/docs/2018/2018-12-05-securing-controller-and-scheduler/.

Without the --authentication-kubeconfig and --authorization-kubeconfig flags, RBAC configuration does not have any effect, and when one tries to grab the metrics it results in:

```json
{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {},
  "status": "Failure",
  "message": "forbidden: User \"system:anonymous\" cannot get path \"/metrics\"",
  "reason": "Forbidden",
  "details": {},
  "code": 403
}
```

Error from scheduler/CM:

```text
r[3174]: W1015 14:06:31.230692    3174 authorization.go:156] No authorization-kubeconfig provided, so SubjectAccessReview of authorization tokens won't work
```
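For reference, the RBAC side of the setup described above, as an added example that is not part of the PR or of planet's own manifests: once the scheduler is started with `--authentication-kubeconfig` and `--authorization-kubeconfig` it delegates TokenReview and SubjectAccessReview to the API server, so the scraper's identity must be explicitly allowed to `get` the `/metrics` non-resource URL. The kubeconfig path, service account name and namespace below are assumptions.

```yaml
# Added example (not from the planet PR): minimal RBAC so a Prometheus
# service account may scrape the secured kube-scheduler /metrics endpoint.
#
# Assumes kube-scheduler runs with (path is an assumption):
#   --authentication-kubeconfig=/etc/kubernetes/scheduler.kubeconfig
#   --authorization-kubeconfig=/etc/kubernetes/scheduler.kubeconfig
# Without those flags every caller is treated as system:anonymous and
# the binding below has no effect (the 403 shown above).
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: scheduler-metrics-reader
rules:
  # /metrics is a non-resource URL, so it is granted via nonResourceURLs,
  # not via a resource/apiGroup rule. Only "get" is needed for scraping.
  - nonResourceURLs: ["/metrics"]
    verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: prometheus-scheduler-metrics
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: scheduler-metrics-reader
subjects:
  - kind: ServiceAccount
    name: prometheus        # assumed service account used by the scraper
    namespace: monitoring   # assumed namespace
```

Prometheus then has to scrape over HTTPS with its service account token as a bearer token; an anonymous HTTP GET will still produce the 403 above, which is the intended behaviour. The grant can be checked before rolling out with `kubectl auth can-i get /metrics --as=system:serviceaccount:monitoring:prometheus`.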